1. Field of the Invention
The present invention relates to circuits used in devices which require security features to prevent unauthorized access to data used within the device.
2. Description of the Related Art
In many devices, there is a need to provide security features to prevent unauthorized access to data used within the device. For example, in the field of television broadcasting, access to certain broadcast services may require payment of a fee or subscription. Such a scheme is often referred to as pay-television. Access to the broadcast services by those persons not having paid the appropriate fees or subscription is prevented by encrypting or scrambling the broadcast signals. The encrypted or scrambled broadcast signals may be decrypted or descrambled using a set-top-box storing the appropriate decryption keys and any other necessary decryption or descrambling data. Only when the appropriate fee or subscription is paid are the correct decryption keys provided to a user's set-top-box, thereby allowing the broadcast signals to be decrypted or descrambled. The security of this system therefore relies on the confidentiality of the decryption keys and other decryption or descrambling data.
In order to prevent hackers from obtaining secret decryption keys and other decryption or descrambling data stored in a set-top-box, various security features are provided. Since the overall commercial viability of pay-television relies on payment of fees and subscriptions and restricting access to broadcast services accordingly, the security features provided in a set-top-box are typically extensive, providing a high degree of security. However, providing such extensive security requires the provision of many additional components, which increases the overall complexity of the system and increases design and manufacturing costs.
One example of a security feature is the process of verifying the authenticity of the contents of a memory in which system software, for example, is stored. A hacker may attempt to breach the security of the system by replacing legitimate system software with illegitimate software which causes securely stored decryption keys to be routed to insecure areas of the system from which they may be easily accessed. A piece of software stored in the memory may be authenticated by a device, for example, by comparing a first hash value computed by the device from the software code with a second hash value determined by decrypting a signature stored in association with the software. The signature comprises a valid hash value encrypted using a secret encryption key so that only authorized parties (typically the software producer) can generate valid signatures for a given piece of software. If the two hash values match then the software may be considered to be authentic.
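The hash comparison described above, shown as an added example that is not part of the original text. The text names no algorithms, so SHA-256 and unpadded RSA are assumptions; the key is constructed for the demonstration and the function names are hypothetical.

```python
import hashlib
import hmac

# Constructed demo key (assumption): two Mersenne primes whose factorisation
# is public. It is insecure by design and exists only so the example runs offline.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                    # public part, stored in the device
D = pow(E, -1, (P - 1) * (Q - 1))      # secret part, held by the software producer

def digest(image: bytes) -> bytes:
    return hashlib.sha256(image).digest()

def sign(image: bytes) -> int:
    """Producer side: encrypt the valid hash value with the secret key."""
    # Raw RSA on the bare hash keeps the example short; fielded devices use a
    # padded scheme such as RSASSA-PSS.
    return pow(int.from_bytes(digest(image), "big"), D, N)

def verify(image: bytes, signature: int) -> bool:
    """Device side: accept the image only if both hash values match."""
    if not 0 <= signature < N:
        return False
    recovered = pow(signature, E, N)   # second hash value, from the signature
    if recovered.bit_length() > 256:   # cannot be a SHA-256 value: reject
        return False
    computed = digest(image)           # first hash value, from the code in memory
    return hmac.compare_digest(computed, recovered.to_bytes(32, "big"))

# Constructed sample images: a legitimate one and a replaced one.
LEGIT_IMAGE = b"system software v1: keys stay inside the secure block"
REPLACED_IMAGE = b"system software v1: keys copied to an insecure area"
STORED_SIGNATURE = sign(LEGIT_IMAGE)   # stored in association with the software

if __name__ == "__main__":
    print("legitimate image:", verify(LEGIT_IMAGE, STORED_SIGNATURE))
    print("replaced image:  ", verify(REPLACED_IMAGE, STORED_SIGNATURE))
    print("altered signature:", verify(LEGIT_IMAGE, STORED_SIGNATURE + 1))
```

The device needs only the public values to run the check, which is why replacing the stored software without the producer's secret key leaves the two hash values unequal.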
With the continuing development of high-speed Internet access, it is becoming increasingly common to access digital television and other broadcast services via cable modems. Previously, cable modems have been used to access traditional Internet services only, which have less tendency to be hacked. For this reason, cable modems typically provide far fewer security features than set-top-boxes and so are much less secure. This causes the problem that when digital television and other broadcast services are accessed via cable modems, they are much more susceptible to hacking.
One solution to this problem is to provide cable modems with the additional security features typically provided in a set-top-box. However, as mentioned above, this greatly increases the cost and complexity of design and manufacture, resulting in a greater cost to the consumer.